The General Data Protection Regulation (GDPR) is under a year away from coming into effect, and regardless of Brexit, GDPR will have an affect on UK businesses.
As such there is a need to hurry to get data stores, processes and governance into place before the rules come into full effect.
Speaking to Silicon at our stand in Infosecurity 2017, Jan Smets, a certified data protection officer at digital security firm Gemalto, told us that different companies are at different stages with their readiness for GDPR.
“I think most companies are beginning to get the hang of what they need to do,” he said.
“I think it is a bit of a little bit of a mixed playing field; you always have people running ahead of the curve, you have people lagging behind. It’s hard to tell exactly where the market is at the moment, because it’s so different customer to customer.”
These steps include getting familiar with the legal framework, performing data classification and defining procedures and putting technical measures into place to ensure their data is protected up to the standards GDPR expects.
Smets said that many companies will not be fully ready for GDPR, but if they show they are trying to work on adopting the standards of the new regulation, then officials will play a remediating role in assisting them rather than simply slapping them with crippling fines.
For the full interview, checkout the video above.
There was plenty more going on at the Silicon stand, including a discussion ESET on security threat trends and insight from Symantec on IT integration and security.
Ban on easy to guess default passwords, plus obligation on manufacturers to be transparent about…